From 5c8c454a1832757c588ae3c9121cffe6a4301471 Mon Sep 17 00:00:00 2001
From: "Owain G. Ainsworth" <oga@nicotinebsd.org>
Date: Mon, 17 Jun 2013 16:18:27 +0100
Subject: [PATCH] fix up some indexing in ParseSignature.

a test i was working on was crashing this otherwise. Make length checks more
paranoid.
---
 signature.go | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/signature.go b/signature.go
index 79e87e44..f710d009 100644
--- a/signature.go
+++ b/signature.go
@@ -58,15 +58,17 @@ func ParseSignature(sigStr []byte, curve elliptic.Curve) (*Signature, error) {
 
 	// Length of signature R.
 	rLen := int(sigStr[index])
-	if rLen < 0 || rLen > len(sigStr)-index {
+	// must be positive, must be able to fit in another 0x2, <len> <s>
+	// hence the -3. We assume that the length must be at least one byte.
+	index++
+	if rLen <= 0 || rLen > len(sigStr)-index-3 {
 		return nil, errors.New("malformed signature: bogus R length")
 	}
-	index++
 
 	// Then R itself.
 	signature.R = new(big.Int).SetBytes(sigStr[index : index+rLen])
 	index += rLen
-	// 0x02
+	// 0x02. length already checked in previous if.
 	if sigStr[index] != 0x02 {
 		return nil, errors.New("malformed signature: no 2nd int marker")
 	}
@@ -74,10 +76,11 @@ func ParseSignature(sigStr []byte, curve elliptic.Curve) (*Signature, error) {
 
 	// Length of signature S.
 	sLen := int(sigStr[index])
-	if sLen < 0 || sLen > len(sigStr)-index {
+	index++
+	// S should be the rest of the string.
+	if sLen <= 0 || sLen > len(sigStr)-index {
 		return nil, errors.New("malformed signature: bogus S length")
 	}
-	index++
 
 	// Then S itself.
 	signature.S = new(big.Int).SetBytes(sigStr[index : index+sLen])